<?php
if (!defined('ACCOUNT_INIT'))
	exit ('Access Denied!');

class core {

	private $db = null;

	public function __construct($db) {
		$this->db = $db;
		$this->ip = $_SERVER['REMOTE_ADDR'];
	}

	public function __destruct() {
		unset ($this->db);
	}

	public function login($user, $pswd) {
		if ($user > 0 && $pswd != '') {
			$sql = "CALL ".DB_NAME_IM.".sp_cklogin({$user},'{$pswd}','password','{$this->ip}','store')";
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0];
			}
		}
		return false;
	}

	public function account_safe($type, $uin, $safemail, $question, $answer) {
		if ($type > 1 && $uin > 0 && strlen($safemail) >= 6 && $question != '' && $answer != '') {
			$sql = 'CALL '.DB_NAME_AUTH.'.sp_account_safe(' . $type . ',' . $uin . ',"' . $safemail . '","' . $question . '","' . $answer . '");';
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0];
			}
		}
		return false;
	}

	public function account_show($uin) {
		if ($uin > 0) {
			$sql = 'CALL '.DB_NAME_AUTH.'.sp_account_show(' . $uin . ');';
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0];
			}
		}
		return false;
	}

	public function pswd_chg($uin, $pswd, $old) {
		if ($uin > 0 && strlen($old) >= 6 && strlen($pswd) >= 6) {
			$sql    = "CALL ".DB_NAME_IM.".sp_chgpswd({$uin},'{$pswd}','{$old}','{$this->ip}','store')";
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0][0];
			}
		}
		return false;
	}

	public function pswd_reset($uin, $pswd, $question, $answer) {
		if ($uin > 0 && strlen($pswd) >= 6 && isset ($question) && isset ($answer)) {
			$sql = "CALL ".DB_NAME_IM.".sp_csfpswd({$uin},'{$pswd}','{$question}','{$answer}','{$this->ip}','store-reset')";
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0][0];
			}
		}
		return false;
	}

	public function session_login($uin, $sessionKey) {
		if ($uin > 0 && $sessionKey != "") {
			$sql = "CALL ".DB_NAME_IM.".sp_cklogin('{$uin}','{$sessionKey}','session','{$this->ip}','store')";
			$result = $this->getAllSQL($sql);
			if (is_array($result)) {
				return $result[0];
			}
		}
		return false;
	}

	private function getAllSQL($sql) {
		if ($sql != '') {
			$result = $this->db->GetAll($sql);
			$this->db->NextResult();
			if (is_array($result)) {
				return $result;
			}
		}
		return false;
	}
}
?>